Latitude Financial has been hit by a cyberattack, with hackers stealing the personal information of more than 300,000 customers.
The lender said it appeared to be the target of a “sophisticated and malicious cyberattack”, with customer data stolen from two of its service providers.
Approximately 103,000 identification documents were stolen from the first provider, 97 per cent of which were copies of driver’s licences. A further 225,000 customer records were stolen from the second provider.
The company said it detected unusual activity on its systems over the past few days.
“While Latitude took immediate action, the attacker was able to obtain Latitude employee login credentials before the incident was isolated,” Latitude Finance said.
“The attacker appears to have used the employee login credentials to steal personal information that was held by two other service providers.”
Latitude Financial is a provider of credit cards and loans, as well as providing a buy now, pay later scheme to retailers such as Harvey Norman, JB Hi-Fi, David Jones and The Good Guys.
Last month, the lender announced it would be closing its buy now, pay later LatitudePay on April 11.
What to do if you are customer
Latitude Financial said it would be contacting impacted customers directly.
“At this stage, there is no other action required by our customers. They should maintain a normal level of vigilance on their accounts and report anything suspicious through our Customer Care team,” the company advised.
Latitude Financial said customers could continue to transact, however it had shut down a number of internal and customer-facing systems, which was causing disruption.
Several law firms are now in the process of taking legal action against Medibank and Optus to seek compensation for impacted Aussies.